New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
5.x odd taint bug #6989
Comments
From dom@idealx.comCreated by dom@idealx.comTainting is able to contaminate special variable $^O that is only use strict; die if Taint::tainted($^O);' Tested on 5.6.1 (this bug report) and also 5.8.0 on Debian/testing (on Temporary fix in perl5db.pl 5.8.0 : Inline Patch--- /etc/perl/perl5db.pl 2003-12-16 12:29:59.000000000 +0100
+++ /usr/share/perl/5.8.0/perl5db.pl 2003-06-05 16:37:24.000000000 +0200
@@ -510,14 +510,12 @@
parse_options($ENV{PERLDB_OPTS});
}
-# This is really weird... This block of code taints $^O! dom@idealx.com
if ( not defined &get_fork_TTY and defined $ENV{TERM} and $ENV{TERM} eq 'xterm'
and defined $ENV{WINDOWID} and defined $ENV{DISPLAY} ) { # _inside_ XTERM?
*get_fork_TTY = \&xterm_get_fork_TTY;
} elsif ($^O eq 'os2') {
*get_fork_TTY = \&os2_get_fork_TTY;
}
-$^O =~ m/^(.*)$/; $^O=$1; # dom@idealx.com
# Here begin the unreadable code. It needs fixing.
Perl Info
|
From @rgsDominique Quatravaux (via RT) wrote:
Confirmed with bleadperl. Simpler test case pasted below : #!perl -l altough I'm not 100% sure yet it's a bug.
I applied your temporary fix as change #21940 to bleadperl, thanks. |
From @iabynOn Sun, Dec 21, 2003 at 05:04:41PM +0100, Rafael Garcia-Suarez wrote:
Eh? I can't get that to fail on any of the copies of 5.8.x and bleed that I -- |
From @iabynOn Sun, Jan 04, 2004 at 08:48:34PM +0000, Dave Mitchell wrote:
[ Rafael privately pointed out to me that I needed the -T flag. Sometimes I think it is a bug. Either the OS name should be considered dangerous, Second opinion, anyone? (I presume similar stuff will apply to some of the other $^FOO vars) Dave. -- |
From @rgsDave Mitchell wrote:
I agree. |
From @rspier
I was going to argue against this, because... this feels like a taint leakage bug. Because of how magic works, BUT -- since the value in %Config and the value in $^O should always be ($^O is PL_osname which is initialized from OSNAME, which is Also, config.h says: * This symbol contains the name of the operating system, as determined -R |
From @lizmatAt 00:53 -0800 1/5/04, Robert Spier wrote:
Maybe a crazy idea, but when running under taint, $^O should get its <paranoid mode=on> Liz |
From @rgsElizabeth Mattijsen wrote:
And load Config.pm behind the scenes ? no. On the other hand, $^O isn't read-only, and I see few benefits in If it were made read-only, magic could be removed from it, and it could |
From @lizmatAt 10:03 +0100 1/5/04, Rafael Garcia-Suarez wrote:
I agree. But I wanted it said nonetheless. ;-)
That makes much _more_ sense to me. Liz |
From @pjcjElizabeth Mattijsen said:
Assigning to $^O can be very useful. Admittedly, primarily as a way to A couple of examples spring to mind. - One of the first Windows ports used to identify itself as IRIX, I think. Just something to think about, -- |
From @rgsPaul Johnson wrote:
OK :) Thinking about this, and since PL_osname is not used for another purpose |
From @lizmatAt 10:48 +0100 1/5/04, Paul Johnson wrote:
I think this can be easily circumvented by using another variable, eg. $OSNAME: if ($DEBUG) {
Indeed, I hadn't thought about that. But I never assumed that you Liz |
From @hvdsRafael Garcia-Suarez <rgarciasuarez@free.fr> wrote: An alternative approach would be to do the mandatory SvTAINTED_off on get, Hugo |
From stas@stason.orgPaul Johnson wrote:
And there is at least one module that relies on $^O being writable, __________________________________________________________________ |
From @lizmatAt 10:26 -0800 1/5/04, Stas Bekman wrote:
I would say this is an extra reason to make $^O read-only: if you Any user code that directly sets $^O will bypass whatever you do in Liz |
From @rgsElizabeth Mattijsen wrote:
With Internals::SvREADONLY() :) FWIW I've no problem with Devel::* modules messing with the internals : That said, I like Hugo's suggestion -- prevent from assigning tainted data |
From dom@idealx.com
This is a taint leakage bug beyond all doubt - in my test case $^O -- |
From @iabynOn Mon, Jan 05, 2004 at 12:10:07PM +0000, hv@crypt.org wrote:
Change 22071 by davem@davem-percy on 2004/01/05 22:17:04 [perl #24674] Affected files ... ... //depot/perl/mg.c#292 edit Differences ... ==== //depot/perl/mg.c#292 (text) ==== @@ -648,8 +648,10 @@ ==== //depot/perl/t/op/taint.t#61 (xtext) ==== @@ -124,7 +124,7 @@ my $TEST = catfile(curdir(), 'TEST'); -print "1..220\n"; # First, let's make sure that Perl is checking the dangerous |
From abe@ztreet.demon.nlOp een druilerige winterdag (Monday 05 January 2004 13:10), schreef
(sorry, know nowt about internals, but still, I use some $^O assignments and local and "tainted assignments" wouldn't: local If so I'd be in faviour, as I don't want to loose the ability to assign to $^O Good luck, Abe |
From @iabynOn Tue, Jan 06, 2004 at 12:28:39AM +0100, Abe Timmerman wrote:
yep
run-time error -- |
p5p@spam.wizbit.be - Status changed from 'open' to 'resolved' |
Migrated from rt.perl.org#24674 (status was 'resolved')
Searchable as RT24674$
The text was updated successfully, but these errors were encountered: